<?php

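// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
defined('ALT_PATH') or exit('No direct script access allowed');
$dbo = new System_User();
// Validate the required fields of the new user.
$validate = Alt_Validation::instance()
    ->rule(Alt_Validation::required($_REQUEST["username"]), "Username tidak boleh kosong!")
    ->rule(Alt_Validation::required($_REQUEST["password"]), "Password tidak boleh kosong!")
    ->rule(Alt_Validation::required($_REQUEST["name"]), "Nama tidak boleh kosong!")
    ->rule(Alt_Validation::required($_REQUEST["usergroupid"]), "Pilih usergroup terlebih dahulu!")
    ->validate();
// validate() hands the outcome back instead of throwing (sibling scripts read it as
// [passed, message]). Enforce it here; otherwise an incomplete request, including one
// with an empty password, would still reach insert().
if (!$validate[0]) {
    throw new Alt_Exception($validate[1]);
}
// Replace the plaintext password with its digest before it is stored.
// NOTE(review): MD5 is a fast, unsalted digest and is not suitable for password storage.
// Moving to password_hash()/password_verify() has to happen together with every login
// check that still compares md5() digests, so it is not changed in this script alone.
$_REQUEST["password"] = md5($_REQUEST["password"]);
// NOTE(review): the complete $_REQUEST array (usergroupid and any unexpected keys included)
// is handed to insert(); confirm that System_User::insert() only writes known columns.
return $dbo->insert($_REQUEST);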
<?php

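// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
defined('ALT_PATH') or exit('No direct script access allowed');
// Force the "displayed" filter regardless of what the request carried.
$_REQUEST['isdisplayed'] = 1;
$dbo = new System_User();
// NOTE(review): the whole $_REQUEST array is forwarded to count()/get(). Other call sites
// pass a raw SQL fragment under the 'where' key, so confirm that request-supplied keys of
// that kind are dropped or escaped inside System_User.
$total = $dbo->count($_REQUEST);
$data = $dbo->get($_REQUEST);
// Row numbers continue after the requested offset. A missing offset counts as 0 (no
// undefined-index notice) and the value is forced to an integer before it is used in arithmetic.
$offset = isset($_REQUEST['offset']) ? (int) $_REQUEST['offset'] : 0;
foreach ($data as $i => $item) {
    $data[$i]['DB_ROWNUM'] = $offset + $i + 1;
    // The stored password digest must not be part of the returned list.
    unset($data[$i]['password']);
}
return array('total' => $total, 'list' => $data);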
    // logout
    // Delete the session row that belongs to this user id and the current token.
    // $userdata is set outside the visible lines; both values pass through quote()
    // before they are placed in the WHERE fragment.
    // NOTE(review): the token is matched with LIKE, so a % or _ inside the token value
    // would act as a wildcard; an exact comparison (=) looks intended - confirm.
    $dbo = new System_Session();
    $res = $dbo->delete(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote(System_Auth::get_token())));
    // Discard the token via System_Auth as well; $res is not inspected in the visible lines.
    System_Auth::clear_token();
}
// A token is present although nobody is logged in: run the logout script to discard it.
if (!System_Auth::islogin()) {
    if (System_Auth::get_token() != '') {
        try {
            include 'logout.php';
        } catch (Exception $e) {
            // Best effort only: a failed cleanup is ignored and the login continues.
        }
    }
}
// Both credentials must be non-empty before the user lookup runs.
Alt_Validation::instance()
    ->rule(Alt_Validation::not_empty($username), 'Username harus diisi!')
    ->rule(Alt_Validation::not_empty($password), 'Password harus diisi!')
    ->check();
// check is exist within database
$user = new System_User();
$res = $user->get(array('where' => 'username = '******'User tidak ditemukan!');
}
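// set userdata
$userdata = $res[0];
// Check the password digest with the strict operator. With != two digest strings that both
// look numeric (for example "0e" followed only by digits) are compared as numbers and can
// be treated as equal although they differ.
// NOTE(review): MD5 is a fast, unsalted digest; migrating stored passwords to
// password_hash()/password_verify() is the durable fix and needs a coordinated change in
// the scripts that write the password column.
// NOTE(review): a distinct "wrong password" message (next to a separate "user not found"
// message) lets a caller tell existing usernames apart; consider one generic message.
if (md5($password) !== (string) $userdata['password']) {
    throw new Alt_Exception('Password tidak cocok!');
}
// The digest must not travel into the token payload.
unset($userdata['password']);
$token = System_Auth::generate_token($userdata);
System_Auth::save_token($token);
$session = new System_Session();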
    }
    return false;
}
// NOTE(review): $msg is only assigned in the catch branch below (its initialisation is
// commented out in the original), so Login($msg) can receive an undefined variable.
// A visitor whose session is already registered goes straight to the index page.
if (session_is_registered(S_ID)) {
    header("Location: index.php");
    exit;
}
// NOTE(review): the credentials arrive in the query string, where they end up in access
// logs, browser history and Referer headers; a POST body would avoid that.
if (isset($_GET["name"], $_GET["challenge"])) {
    $user_id = Check($_GET["name"], $_GET["challenge"]);
    if ($user_id) {
        // NOTE(review): the session id is not regenerated after a successful Check().
        // session_regenerate_id() at this point is the usual defence against session
        // fixation, but it has to be coordinated with System_User::Login(), which is
        // not visible here.
        session_register(S_ID);
        $_SESSION[S_ID]["user_id"] = $user_id;
        $_SESSION[S_ID]["ip_login"] =& $_SERVER["REMOTE_ADDR"];
        $_SESSION[S_ID]["time_login"] = time();
        $good = true;
        try {
            $sys_user = new System_User($db, $user_id);
            $sys_user->Login();
        } catch (Exception $e) {
            // Login bookkeeping failed: keep the message for the form and drop the session.
            $msg = $e->getMessage();
            $good = false;
            session_destroy();
        }
        if ($good) {
            header("Location: index.php");
            exit;
        }
    }
}
// No redirect happened: show the login form, with the failure message if there is one.
Login($msg);
 *   (см. "Стандартную публичную лицензию GNU").
 *
 *   Вместе с данной программой вы должны были получить копию "Стандартной
 *   публичной лицензии GNU"; если это не так, напишите в Free Software
 *   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *  
 *   Copyright (C) 2008 by Gleb Y. Averchuk <*****@*****.**> 
 *   Vedro System - Web CMS с удобными компонентами для работы с БД.
 */
require_once "config.php";
require_once "classes/db_mysql.php";
require_once "classes/system_user.php";
require_once "include/session.php";
require_once "include/functions.php";
// Log out only when a session is registered under S_ID.
if (session_is_registered(S_ID)) {
    // Stays true unless the logout bookkeeping below throws.
    $good = true;
    try {
        $db = GetDBConnect();
        $sys_user = new System_User($db);
        // Presumably loads the user of the current session before Logout() runs - confirm.
        $sys_user->Current();
        $sys_user->Logout();
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is passed to ShowErrPage(), and on this
        // path the PHP session is not destroyed, so the visitor stays logged in after a
        // failed logout. Confirm that both are intended.
        ShowErrPage("Ошибочка", $e->GetMessage());
        $good = false;
    }
    if ($good) {
        // Bookkeeping succeeded: destroy the PHP session and redirect to the login page.
        session_destroy();
        header("Location: login.php");
        exit;
    }
}
<?php

// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
if (!defined('ALT_PATH')) {
    exit('No direct script access allowed');
}
// Count only users flagged as displayed, whatever the request carried for that field.
$_REQUEST['isdisplayed'] = 1;
$dbo = new System_User();
// NOTE(review): every other request parameter is forwarded unchanged to count();
// confirm that System_User filters or escapes the keys it turns into SQL.
return $dbo->count($_REQUEST);
<?php

// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
if (!defined('ALT_PATH')) {
    exit('No direct script access allowed');
}
$dbo = new System_User();
// The primary key of the user to load is mandatory.
Alt_Validation::instance()
    ->rule(Alt_Validation::required($_REQUEST[$dbo->pkey]), "Pilih user terlebih dahulu!")
    ->check();
// NOTE(review): the result of retrieve() is returned as is. If it carries the password
// column, the stored digest leaves this script - confirm and strip it if so.
return $dbo->retrieve($_REQUEST);
<?php

// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
if (!defined('ALT_PATH')) {
    exit('No direct script access allowed');
}
$dbo = new System_User();
// validate() reports [passed, message]; the primary key of the user is mandatory.
$validate = Alt_Validation::instance()
    ->rule(Alt_Validation::required($_REQUEST[$dbo->pkey]), "User id tidak boleh kosong!")
    ->validate();
// NOTE(review): no permission check is visible in this script; confirm that the caller's
// right to delete users is enforced before this point.
if ($validate[0]) {
    return $dbo->delete($_REQUEST);
}
throw new Alt_Exception($validate[1]);
<?php

// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
if (!defined('ALT_PATH')) {
    exit('No direct script access allowed');
}
$dbo = new System_User();
// NOTE(review): the request parameters are forwarded unchanged to keyvalues(); confirm
// that System_User filters or escapes the keys it turns into SQL.
return $dbo->keyvalues($_REQUEST);
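 /**
  * Close the current user's record in users_online and prune stale records.
  *
  * Differences between the stored record and the current session (user id, IP address,
  * session id) are written to the users log only; they do not stop the logout.
  * Returns early, without pruning, when the user's own record cannot be found or when
  * the second users_online query yields nothing.
  */
 function Logout()
 {
     $this->UpdateHistory(0);
     $this->SaveSession();
     // The row id is concatenated into two SQL statements below; force it to an integer
     // once so that nothing but a number can reach those queries.
     $onlineId = (int) $_SESSION[S_ID]["online_table_id"];
     if (!($row = $this->db->Query_Fetch_Assoc("SELECT uid, INET_NTOA(ip) as ip, sessid " . "FROM users_online " . "WHERE id=" . $onlineId . " " . "LIMIT 0,1"))) {
         LogWrite(USERS_LOG, "ненайдена сессия для " . $this->login . ", в подключенных пользователях");
         return;
     }
     // NOTE(review): $_REQUEST["PHPSESSID"] is client-supplied and is written to the log
     // verbatim in the messages below; confirm that LogWrite() neutralises line breaks,
     // and consider whether session ids belong in the log at all.
     if ($row["uid"] != $this->id) {
         LogWrite(USERS_LOG, "для пользователя " . $this->login . " в сессии " . $_REQUEST["PHPSESSID"] . " не совпадает id пользователя (" . $row["uid"] . ")");
     }
     if ($row["ip"] != $_SESSION[S_ID]["ip_login"]) {
         // The query aliases the address as "ip"; the original read the non-existent
         // $row["ip_login"] here, so the stored address never appeared in the message.
         LogWrite(USERS_LOG, "для пользователя " . $this->login . " в сессии " . $_REQUEST["PHPSESSID"] . " не совпадает ip (" . $_SESSION[S_ID]["ip_login"] . " - " . $row["ip"] . ")");
     }
     if ($row["sessid"] != $_REQUEST["PHPSESSID"]) {
         LogWrite(USERS_LOG, "для пользователя " . $this->login . " не совпадают сессии " . $_REQUEST["PHPSESSID"] . " и " . $row["sessid"]);
     }
     $this->db->Query("DELETE FROM users_online WHERE id=" . $onlineId);
     $user = new System_User($this->db);
     // Check whether other records are still listed as logged in; a record whose last
     // activity is older than the limit (24 hours, per the original comment) is removed.
     if (!($result = $this->db->Query_Fetch("SELECT id, uid, TIMEDIFF(NOW(), time_last_active)+0 as time, inet_ntoa(ip) as ip, time_login, time_last_active " . "FROM users_online "))) {
         return;
     }
     // Purge the records of users that have been connected for too long.
     foreach ($result as $row) {
         if ($row["time"] < SESSION_HOURS) {
             continue;
         }
         // NOTE(review): these values come from users_online rows and are concatenated into
         // SQL as they are; if the db class offers escaping or bound parameters, use it here.
         $this->db->Query("INSERT INTO users_connection_history (uid, ip, time_active, state) " . "VALUES ('" . $row["uid"] . "', inet_aton('" . $row["ip"] . "'), '" . $row["time_last_active"] . "', 0)");
         $this->db->Query("DELETE FROM users_online WHERE id=" . $row["id"]);
         $user->Reset($row["uid"]);
         LogWrite(USERS_LOG, "из залогиненых пользователей была удалена старая запись пользователя " . $user->login . ", " . "от " . $row["time_login"] . " (IP: " . $row["ip"] . ")");
     }
     // Clear old caches.
     ClearCache();
 }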
<?php

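// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
defined('ALT_PATH') or exit('No direct script access allowed');
// Return only users flagged as displayed, whatever the request carried for that field.
$_REQUEST['isdisplayed'] = 1;
$dbo = new System_User();
// NOTE(review): the whole $_REQUEST array is forwarded to get(); confirm that System_User
// filters or escapes the keys it turns into SQL.
$res = $dbo->get($_REQUEST);
// Strip the stored password digest from every row before the result leaves this script,
// as the paged user list does; a listing has no use for it.
if (is_array($res)) {
    foreach ($res as $i => $row) {
        if (is_array($row)) {
            unset($res[$i]['password']);
        }
    }
}
return $res;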
<?php

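// Abort when ALT_PATH is not defined, i.e. when the script is requested directly.
defined('ALT_PATH') or exit('No direct script access allowed');
$dbo = new System_User();
// The primary key of the user to update is mandatory.
Alt_Validation::instance()->rule(Alt_Validation::required($_REQUEST[$dbo->pkey]), "User id tidak boleh kosong!")->check();
if (isset($_REQUEST["password"])) {
    // "newpassword" wins when it is present and non-empty. !empty() keeps the original
    // truthiness test without raising an undefined-index notice when the field is absent.
    $plain = !empty($_REQUEST["newpassword"]) ? $_REQUEST["newpassword"] : $_REQUEST["password"];
    if ($plain === '') {
        // A blank password field must not overwrite the stored digest with the digest of
        // an empty string; drop the key so update() receives no password at all.
        unset($_REQUEST["password"]);
    } else {
        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for password
        // storage; a move to password_hash() has to be coordinated with the login check.
        $_REQUEST["password"] = md5($plain);
    }
}
// NOTE(review): the complete $_REQUEST array (usergroupid and "newpassword" in plaintext
// included) is handed to update(); confirm that System_User::update() only writes known
// columns and that the caller is allowed to change this user.
return $dbo->update($_REQUEST);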